Comparing version 6.4.0 to 6.4.1
@@ -100,3 +100,7 @@ "use strict"; | ||
// Supports JSON, JSONC, & JSON5 | ||
(0, jju_1.parse)((0, fs_1.readFileSync)(configPath, "utf8"))) | ||
(0, jju_1.parse)((0, fs_1.readFileSync)(configPath, "utf8"), { | ||
// When passing an allowlist using NSRecord syntax, yargs will throw an error | ||
// "Invalid JSON config file". We need to add this flag to prevent that. | ||
null_prototype: false, | ||
})) | ||
.options({ | ||
@@ -103,0 +107,0 @@ l: { |
@@ -21,4 +21,20 @@ "use strict"; | ||
function getNSPContent(nspRecord) { | ||
return Object.values(nspRecord)[0]; | ||
const values = Object.values(nspRecord); | ||
if (values.length > 0) { | ||
return values[0]; | ||
} | ||
throw new Error(`Empty NSPRecord is invalid. Here's an example of a valid NSPRecord: | ||
{ | ||
"allowlist": [ | ||
{ | ||
"vulnerable-module": { | ||
"active": true, | ||
"notes": "This is a note", | ||
"expiry": "2022-01-01" | ||
} | ||
} | ||
] | ||
} | ||
`); | ||
} | ||
exports.getNSPContent = getNSPContent; | ||
@@ -25,0 +41,0 @@ /** |
{ | ||
"name": "audit-ci", | ||
"version": "6.4.0", | ||
"version": "6.4.1", | ||
"description": "Audits NPM, Yarn, and PNPM projects in CI environments", | ||
@@ -5,0 +5,0 @@ "license": "Apache-2.0", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
99560
1556